Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
File: 304afa07-08cf-4abd-b55e-949deeea1591.roa (raw, json)
Hash identifier: CAcInR9perN55gXu/8fLVZYaX/J1t4cL6yVKIEQNwUI=
Subject key identifier: 5B:6E:1A:14:E8:61:77:AA:14:41:B3:C7:05:B6:D8:5F:BE:B4:3F:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1928D39CC84CB74DDB5F8A45D9DDD1B5C1AAD86E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
Signing time: Tue 29 Jul 2025 18:30:11 +0000
ROA not before: Tue 29 Jul 2025 18:30:11 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:28:d3:9c:c8:4c:b7:4d:db:5f:8a:45:d9:dd:d1:b5:c1:aa:d8:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:11 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=49cecc9a671accf74da00a2be1fe97405580df9e4e0de0b6c91ac0e31bc12c00, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:45:c4:53:7c:f7:45:16:6c:b8:76:4e:66:88:
80:80:10:c4:a1:79:e7:08:f4:d4:e8:59:2f:f7:08:
da:76:58:36:cb:ab:0a:ba:a1:a0:19:90:37:b9:c5:
7a:94:53:5d:0f:ef:da:5f:45:a0:25:91:94:25:30:
1b:9d:3c:f3:f0:7f:8a:65:bf:28:99:75:1a:44:1b:
5d:bc:98:5b:5e:60:e6:79:93:f2:e8:11:d6:74:20:
78:e5:2c:ee:68:c3:71:e5:cd:34:de:ab:4a:35:6e:
cf:25:9c:dc:a5:bb:e3:ac:21:ba:f7:76:5e:e5:9a:
6c:42:9a:34:b9:be:5a:86:d0:ff:f6:28:c1:df:ba:
6b:cb:6f:6a:e5:7c:3f:ac:95:dd:57:09:de:fc:50:
5b:cf:36:d4:4e:ff:f9:fa:2c:14:ff:a4:fd:8e:3d:
53:8b:16:59:84:5e:dc:51:c4:32:70:3c:ba:23:42:
5e:9c:a4:77:a5:cb:d7:94:df:63:0e:38:92:6c:21:
ce:39:ff:4a:8e:55:94:c3:8f:b0:6e:f6:c7:52:da:
bd:7b:c1:98:15:9c:97:c1:b8:a7:44:38:45:b4:f1:
4a:7a:a6:b6:85:fb:cf:cd:77:78:a1:0e:38:15:6b:
6d:94:16:25:47:bd:bb:20:d3:16:79:3a:12:4c:da:
37:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:6E:1A:14:E8:61:77:AA:14:41:B3:C7:05:B6:D8:5F:BE:B4:3F:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/40
Signature Algorithm: sha256WithRSAEncryption
ad:a3:43:c0:5f:61:61:e6:d1:88:b4:dc:2e:ed:a0:c2:d4:84:
9c:82:0b:4a:50:c7:45:78:bd:32:14:5f:89:48:99:13:29:73:
9d:bf:ca:3d:8f:2e:84:46:95:d0:61:eb:da:99:c3:58:11:6c:
be:8a:25:3c:91:a2:dc:73:33:0f:fa:2b:2e:ce:48:1a:c8:6d:
3f:13:1f:d3:ae:b2:c8:ab:a5:60:ba:6c:6b:9f:80:35:95:42:
b5:9f:4a:b3:65:0a:63:fb:07:c3:8a:64:3d:5a:37:10:af:7b:
df:5d:18:a3:f4:58:5d:4b:1b:7c:ae:da:d5:e9:36:8e:9e:b7:
6f:97:3e:ae:06:61:86:20:72:15:81:4b:bf:75:f5:95:a0:2d:
25:fc:59:d8:c5:4d:59:c2:4c:87:c2:61:7e:c2:59:5e:4d:c8:
12:db:e6:36:c7:a6:14:09:5e:71:12:08:06:f1:e3:26:00:49:
73:44:ed:30:f4:00:3f:1d:91:47:f2:fa:a3:56:65:fc:97:6c:
dc:1a:96:fe:c3:1e:64:64:8a:42:cd:62:a1:f6:d9:e3:2c:2f:
42:e2:99:0e:e8:70:6c:60:00:50:86:9c:76:01:1c:1e:eb:d2:
b4:80:71:b9:f8:69:9b:91:27:8d:6c:d3:ff:4b:68:6c:d8:43:
68:71:ca:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGSjTnMhMt03bX4pF2d3RtcGq2G4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMTFaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5Y2VjYzlhNjcxYWNjZjc0ZGEwMGEyYmUxZmU5NzQwNTU4MGRmOWU0ZTBk
ZTBiNmM5MWFjMGUzMWJjMTJjMDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPtFxFN890UWbLh2TmaIgIAQxKF55wj01OhZL/cI2nZYNsurCrqhoBmQN7nF
epRTXQ/v2l9FoCWRlCUwG5088/B/imW/KJl1GkQbXbyYW15g5nmT8ugR1nQgeOUs
7mjDceXNNN6rSjVuzyWc3KW746whuvd2XuWabEKaNLm+WobQ//Yowd+6a8tvauV8
P6yV3VcJ3vxQW8821E7/+fosFP+k/Y49U4sWWYRe3FHEMnA8uiNCXpykd6XL15Tf
Yw44kmwhzjn/So5VlMOPsG72x1LavXvBmBWcl8G4p0Q4RbTxSnqmtoX7z813eKEO
OBVrbZQWJUe9uyDTFnk6EkzaNwUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbbhoU
6GF3qhRBs8cFtthfvrQ/XDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzA0YWZhMDctMDhjZi00YWJkLWI1NWUtOTQ5ZGVlZWExNTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCto0PAX2Fh5tGItNwu7aDC1IScggtKUMdFeL0y
FF+JSJkTKXOdv8o9jy6ERpXQYevamcNYEWy+iiU8kaLcczMP+isuzkgayG0/Ex/T
rrLIq6Vgumxrn4A1lUK1n0qzZQpj+wfDimQ9WjcQr3vfXRij9FhdSxt8rtrV6TaO
nrdvlz6uBmGGIHIVgUu/dfWVoC0l/FnYxU1ZwkyHwmF+wlleTcgS2+Y2x6YUCV5x
EggG8eMmAElzRO0w9AA/HZFH8vqjVmX8l2zcGpb+wx5kZIpCzWKh9tnjLC9C4pkO
6HBsYABQhpx2ARwe69K0gHG5+GmbkSeNbNP/S2hs2ENoccq0
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:36 2025 by rpki-client